Full title: Rejetto HttpFileServer Remote Command Execution Exploit 
Category: remote exploits
Platform: windows
Rejetto HttpFileServer (HFS) is vulnerable to remote command execution attack due to a poor regex in the file ParserLib.pas. This Metasploit module exploit the HFS scripting commands by using '%00' to bypass the filtering. This Metasploit module has been tested successfully on HFS 2.3b over Windows XP SP3, Windows 7 SP1 and Windows 8.

# 0day.today @ http://0day.today/